WordPress Plugin Vulnerabilities

WP Super Cache < 1.4.5 - PHP Object Injection

Description

The WP Super Cache WordPress plugin was affected by a PHP Object Injection security vulnerability.

Affects Plugins

Plugin icon
wp-super-cache
Fixed in 1.4.5

References

URL
http://z9.io/2015/09/25/wp-super-cache-1-4-5/

Classification

Type
OBJECT INJECTION
OWASP top 10
A8: Insecure Deserialization
CWE
CWE-502
CVSS
8.0 (high)

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
e3c7dc0a-fd8b-4057-a049-ac9100f590f9

Timeline

Publicly Published
2015-09-25 (about 10 years ago)
Added
2015-09-26 (about 10 years ago)
Last Updated
2026-04-13 (about 29 days ago)

Other

Published
Title
Published
2024-04-09
Title
Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce < 2.6.4 - Authenticated (Admin+) PHP Object Injection
Published
2024-08-27
Title
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider < 2.0.4 - Unauthenticated PHP Object Injection
Published
2025-08-09
Title
Gravity Forms Insightly < 1.1.7 - Unauthenticated PHP Object Injection
Published
2025-03-21
Title
Export and Import Users and Customers < 2.6.3 - Authenticated (Admin+) PHP Object Injection via form_data Parameter
Published
2025-05-16
Title
WP Tabs < 2.2.13 - Admin+ PHP Object Injection